Network Configuration Confusion

Basically I have been having trouble getting internet access through ipfire. Here is my network setup.
IPfire Lan 192.168.10.50 255.255.255.0
IPfire Wan 192.168.10.49 Connected to Modem/Router
Lan connected to Netgear 5 port switch
PC connected to Netgear switch
PC gets IP address from Windows DHCP server
I can ping both LAN and WAN interface on my IPfire PC
But with everything connected i get no internet access on PC
Is there somewhere where I can get some screen shots that I can look at that I can see if my cabling is wrong or my ip assigments are wrong

Your LAN and WAN subnets need to be different or routing will fail.

4 Likes

For drawings of networks using IPFire you can scan various threads.
In principle a standard config is as follows (my installation) :

  1. WAN provided by some device. Device type depends on WAN technology
    Cable modem connected to TV cable
  2. Ethernet cable connected to IPFire interface RED
  3. LAN is connected to a second NIC (GREEN)
    LAN devices are connected to a switch
  4. WLAN connected to a further NIC (BLUE)
    realised by an internal WiFi card and hostapd addon
  5. another network of public accessible servers can be connected to NIC#4 (ORANGE), network realised by a separate switch.

All networks must be distinct and only connected by IPFire device.

This means that there must be no overlap in the range of IP’s covered by these two interfaces.

This translates into a usable IP range of 192.168.10.1 - 192.168.10.254

Your wan address of 192.168.10.49 is included in that address.

If your ISP has given you that IP and the subnet they use is likely 255.255.255.0 then their usable range is also 192.168.10.1 - 192.168.10.254

You can check these numbers yourself using a site such as
https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=192.168.10.49&ctype=ipv4&x=Calculate

The simplest thing would be to change the third octet of your IP address from 10 to another number, anything between 0 and 255 but not 10. For example change it to 192.168.200.50 and with a subnet of 255.255.255.0 you will have a usable range of IP’s of 192.168.200.1 - 192.168.200.254 which now no longer overlaps with any potential IP’s from the red network.

The following provides a reasonably simple overview of subnets and how to define them and why to have them not overlap on routers.

https://www.howtogeek.com/devops/what-are-subnets-and-how-do-they-affect-my-network/

2 Likes

Thanks for your response. There is one problem and that is that my cable modem has to remain with is IP of 192.168.10.1 to be able to handle other devices on my network that are plugged directly into it

Your cable modem builds a network of 192.168.10.0/24. IPFire uses this as WAN and is connected with the interface red0 ( first NIC ).
Your local devices should be connected to the interface green0 ( second NIC ) of your IPFire. They are logically located in the green network ( 192.168.200.0/24 for example).
Devices connected directly to the cable modem belong to red network ( seen from IPFire ). They can only be accessed through IPFire, not by direct connection. Access green–>red is possible by default. For a connection red–>green, initiated by a device in red, must be allowed by a port forwarding rule.

2 Likes

Thanks

OK this is what i have tried

Gave my PC the following network IP

192.168.100.50, 255.255.255.0 Gateway ??? DNS 8.8.8.8

Green 192.168.100.10 255.255.255.0

Red 192.168.10.50 255.255.255.0

Rebooted both my pc and the ipfire PC

Still no go

What am I doing wrong

Do I need to put my modem in bridge mode. Do I need a crossover cable

The config of the PC can be done by DHCP.
Otherwise for ‘static’ configuration:
Address: 192.168.100.50
Gateway: 192.168.100.10 ( IPFire green address )
DNS: 192.168.100.10 ( IPFire is a DNS resolver )

You have to configure the DNS resolver. Because the resolver uses DNSSEC it is best to disable ISP’s DNS server.

When you are setting your red interface up are you doing this in Static or DHCP mode.

Most cable modems will provide you with the IP etc via DHCP. That is the easiest approach to use. If your cable modem and ISP are providing you with a static IP then you should be using the IP{, gateway and subnet that they will have supplied to you. If they have not supplied you with this information, then it is likely that they will supply it via DHCP.

A 192.168.10.0/24 network on the LAN port of the modem looks like a cable router config with DHCP.
A static config is possible but usually the parameters aren’t known. :wink:

1 Like

Thank you all I finally got it working

Now I am trying to figure out how to setup the URL filtering. Mainly the proxy

Any insights?

For general information on setting it up then the documentation is a good first step.

https://www.ipfire.org/docs/configuration/network/proxy

https://www.ipfire.org/docs/configuration/network/proxy/url-filter

Take note that the url filter will only filter http sites and not https sites as the traffic to https sites is encrypted.

2 Likes